Software Security Analysis: Execution Phase Audit
2005 (English). Conference paper, published paper (refereed).
Abstract [en]

Code revision of a leading telecom product was performed, combining manual audit and static analysis tools. On average, one exploitable vulnerability was found for every 4000 lines of code. Half of the located threats in the product were buffer overflows, followed by race conditions, misplaced trust, and poor random generators. Static analysis tools were used to speed up the revision process and to integrate security tests into the overall project process. The discussion analyses the effectiveness of automatic tools for auditing software. Furthermore, the incorporation of the software security analysis into the development process, and the results and costs of the security analysis, are discussed. Of the initial 42 workdays used for finding all vulnerabilities, approximately 16 days were needed for finding and correcting 91.5 % of the vulnerabilities. So, proportionally small investments improve the program code security by integrating an automatic auditing tool into the ordinary execution of source code revision.

Place, publisher, year, edition, pages
Porto, 2005.
Identifiers
URN: urn:nbn:se:bth-8677
ISI: 000232368700028
Local ID: oai:bth.se:forskinfoDEDB7CA1433C14AAC12573C90050E7EB
OAI: oai:DiVA.org:bth-8677
DiVA, id: diva2:836427
Conference
Euromicro
Available from: 2012-09-18. Created: 2008-01-07. Last updated: 2018-01-11. Bibliographically approved.

Open Access in DiVA

Full text (199 kB), 422 downloads
File information
File: FULLTEXT01.pdf. File size: 199 kB. Checksum: SHA-512
f339bce08b252543108ce666f6c28de3d6c9e42a7b3a8cf92934604327a308b7bafcd32a8f11da8b3038d73767ddff37e8733627f91e8306a6f553cbcede9e88
Type: fulltext. Mimetype: application/pdf

Person

Carlsson, Bengt
